Latest data dump also apparently contains ‘a wide range of passwords and API tokens’
Entities using the name and iconography of Anonymous (EUTNAIOA) claim to have leaked server disk images extracted from Epik – the controversial US outfit that has provided services to far-right orgs such as the Oath Keepers and Gab, provided a home to social-network-for-internet-outcasts Parler, and hosted hate-hole 8chan.
Epik made a virtue of providing such services. In a blog post defending its decision to operate Gab’s domain name after GoDaddy declined to do so, Epik CEO Rob Monster argued it was a free speech issue, and said deplatforming companies is both censorship and a violation of inalienable rights.
EUTNAIOA earlier leaked 180 GB of data it said it siphoned from Epik servers, plenty of it detailing the activities of far-right groups such as The Proud Boys and the ridiculous QAnon mob. This included personally identifiable information, domain ownership records, account credentials and SSH keys, internal Git repos, payment histories, and more.
The hacktivist collective justified the release of stolen data on the grounds it exposed racists, and dubbed the operation: Epik Fail.
- Remember Anonymous? It/they might be back, and it/they are angry with Elon Musk
- Sorry script kiddies, hacktivism isn’t cool anymore: No one cares about stuff that’s easy-peasy to defend against
- Anonymous floods Thai gov websites to protest backpacker murder case
That document dump was shared around the internet and was widely assessed as authentic. At least one Epik customer identified in the leaked files – a Florida estate agent – was fired as a result of the leak; it emerged he had tried to register domains such as theholocaustisfake.com via the web biz.
This latest super-dump of stolen Epik data was first reported by the Daily Dot on Wednesday after EUTNAIOA shared the information as a torrent.
One of the publication’s reporters tweeted a partial screen shot of the collective’s announcement of the leak, and detailed some of its contents:
We’re told the dump is a 70GB archive of files and “several bootable disk images of assorted systems” that represent Epik’s server infrastructure. Journalist Steve Monacelli, who broke the news of the first data release, said the latest leak expands to 300GB.
“This leak appears to be fully bootable disk images of Epik servers, including a wide range of passwords and API tokens,” he added.
A security expert who uses the handle “WhiskeyNeon” has posted the video below that depicts some of Epik’s VMs in action.
In the latest #EpikHack leak, we can see the extent of the ownage. Server 3 holds some of the previously leaked data, including the keys to the castle. Shoutout to @INIT_3 for assistance researching. Check out reporting from @MikaelThalen and @stevanzetti for more! #OperationJane pic.twitter.com/s3MN9crDKG— ☠️ ᴡʜɪꜱᴋᴇyɴᴇᴏɴ ☠️ #thotleader (@WhiskeyNeon) September 29, 2021
And that’s all that’s made it into public view at this time, it appears.
The Distributed Denial of Secrets collective, which is separate to EUTNAIOA and helped spread the initial leak, said those who ransacked Epik’s systems had claimed to have obtained “bootable disk images.”
After the first release of data, Epik’s Monster CEO conducted a video chat session in which he claimed the data was likely sourced from a backup that was “intercepted,” but didn’t elaborate.
Whatever the data dump contains, and however it was obtained, interest in the data trove is enormous because it is felt to offer extraordinary insights into how far-right groups operate.
And as FBI director Christopher Wray said in a March statement to the United States’ Senate Judiciary Committee, the Feds consider the top threat the nation faces from domestic violent extremists to be “those we identify as racially or ethnically motivated violent extremists, specifically those who advocate for the superiority of the white race.”
Epik happily hosts services and individuals who hold those views.